I have been advising organizations on strategy, process, and technology related to ESG for over fifteen years. Of course, it has not been called ESG for that long. It was CSR (corporate social responsibility), social accountability, sustainability . . . now it is ESG. ESG has a lot more focus and momentum than its previous iterations. It has teeth from corporate investors, regulators, stakeholders and even employees and clients.
Today, I am at the Interact 2022 conference in Nashville. I did one session on ESG and following that another session on policy management. The interesting thing is the one, ESG, is built on the other, policy management.
ESG is built on the policies of the organization. From the code of conduct down into the range of policies that govern the environment, health and safety, inclusivity, diversity, privacy, labor standards (e.g., child labor, forced labor, working conditions), anti-bribery and corruption, transparency, security, and many more. These all establish the framework for what ESG is in the organization.
The starting point of building an ESG program is doing an inventory of all policies related to the many aspects of E-environment, S-social, and G-governance. The organization has policies in these areas today. There may be gaps, but ESG starts with understanding what policies are in place today that are part of ESG and then identifying changes needed to these policies and write new, or revise existing, policies for any gaps the organization has.
It is through policies and policy enforcement/adherence that the organization’s integrity to ESG is measured against. Only through the foundation of established written codes of behavior and boundaries of conduct is an ESG program then assessed, measured, monitored, and reported upon.
Simply put: you cannot have an ESG program without policies. Therefore, well-written policies and good policy management practices are an essential foundation to an ESG program in an organization.
However, it is not just well-written policies that are important, they must also be communicated and engaged to employees and third-parties (e.g., vendors, suppliers) to be effective in the organization. Policies are only as good as the awareness and enforcement of them in the environment. It is through policy engagement that true ESG cultural transformation is done.
The challenge is that organizations will often find that their policies are a mess and policy management even more of a mess. That different departments have different portals, templates, file shares, and more. Many organizations do not even know what policies they have.
If you are going to start an ESG strategy and program in your organization, I suggest you start with doing a good inventory of your current policies, map them to your ESG risks and framework, clean them up, provide consistent management and monitoring of policies leveraging technology designed for policy management, and deliver a single portal of all the organizations policies to your employees, again through technology designed for policy engagement. You cannot do ESG without addressing your policies and the management of them.